env-detector 1.0.0

package/LICENSE

@@ -0,0 +1,2 @@
+MIT License
+Copyright (c) 2026

package/README.md

@@ -0,0 +1,25 @@
+# env-scan
+
+Automatically generate .env file by scanning process.env usage.
+
+## Install
+
+npx env-scan
+
+OR
+
+npm install -g env-scan
+
+## Usage
+
+env-scan
+
+## Example
+
+process.env.DB_HOST
+process.env.PORT
+
+Generated:
+
+DB_HOST=
+PORT=

package/bin/env-scan.js

@@ -0,0 +1,204 @@
+#!/usr/bin/env node
+
+const fs = require("fs");
+const path = require("path");
+const readline = require("readline-sync");
+const { scanProject, scanSecurity } = require("../src/scan");
+
+const cwd = process.cwd();
+const envPath = path.join(cwd, ".env");
+
+const args = process.argv.slice(2);
+
+const askMode = args.includes("--ask");
+const compareMode = args.includes("--compare");
+const checkMode = args.includes("--check");
+const fixMode = args.includes("--fix");
+const securityMode = args.includes("--security");
+const strictMode = args.includes("--strict");
+
+let result = scanProject(cwd);
+
+
+// security
+if (securityMode) {
+  const issues = scanSecurity(cwd);
+
+  if (!issues.length) {
+    console.log("✔ No security issues\n");
+    process.exit(0);
+  }
+
+  console.log("\nSecurity issues:\n");
+  issues.forEach(i => console.log(" -", i.file));
+  console.log("");
+
+  process.exit(0);
+}
+
+
+// compare
+if (compareMode) {
+
+  console.log("\nUsed:");
+  result.used.forEach(v => console.log(" -", v));
+
+  console.log("\nMissing:");
+  result.missing.forEach(v => console.log(" -", v));
+
+  console.log("\nEmpty:");
+  result.empty.forEach(v => console.log(" -", v));
+
+  console.log("\nUnused:");
+  result.unused.forEach(v => console.log(" -", v));
+
+  console.log("");
+  process.exit(0);
+}
+
+
+// check
+if (checkMode) {
+
+  if (result.missing.length || result.empty.length) {
+
+    console.log("\nENV check failed");
+
+    result.missing.forEach(v => console.log("Missing:", v));
+    result.empty.forEach(v => console.log("Empty:", v));
+
+    console.log("");
+    process.exit(1);
+  }
+
+  console.log("✔ ENV check passed\n");
+  process.exit(0);
+}
+
+
+// create env
+if (!fs.existsSync(envPath)) {
+  fs.writeFileSync(envPath, "");
+}
+
+
+// grouped generation
+if (Object.keys(result.grouped).length) {
+
+  let output = "";
+
+  // collect grouped keys
+  const groupedKeys = new Set();
+
+  Object.values(result.grouped).forEach(keys => {
+    keys.forEach(k => groupedKeys.add(k));
+  });
+
+  // GLOBAL VARIABLES
+  const globalKeys = result.used.filter(k => !groupedKeys.has(k));
+
+  if (globalKeys.length) {
+    output += "# global\n";
+
+    globalKeys.forEach(key => {
+      const value = result.defaults?.[key] ?? "";
+      output += `${key}=${value}\n`;
+    });
+
+    output += "\n";
+  }
+
+  // GROUPED ENVIRONMENTS
+  Object.entries(result.grouped).forEach(([env, keys]) => {
+
+    output += `# ${env}\n`;
+
+    keys.forEach(key => {
+      const value = result.defaults?.[key] ?? "";
+      output += `${key}=${value}\n`;
+    });
+
+    output += "\n";
+  });
+
+  fs.writeFileSync(envPath, output.trim() + "\n");
+
+  console.log("✔ Generated grouped env file\n");
+  process.exit(0);
+}
+
+
+// parse env to map
+let content = fs.existsSync(envPath)
+  ? fs.readFileSync(envPath, "utf8")
+  : "";
+
+const envMap = {};
+
+content.split("\n").forEach(line => {
+  const [k, ...rest] = line.split("=");
+  if (!k) return;
+  envMap[k.trim()] = rest.join("=");
+});
+
+
+// ask mode
+const askList = [...new Set([...result.missing, ...result.empty])];
+
+if (askMode && askList.length) {
+
+  askList.forEach(key => {
+    const value = readline.question(`${key} = `);
+    envMap[key] = value;
+  });
+
+  const newContent = Object.entries(envMap)
+    .map(([k, v]) => `${k}=${v}`)
+    .join("\n");
+
+  fs.writeFileSync(envPath, newContent + "\n");
+
+  console.log("✔ .env updated\n");
+  process.exit(0);
+}
+
+
+// add missing
+result.missing.forEach(key => {
+  const value = result.defaults?.[key] ?? "";
+  if (!envMap[key]) {
+    envMap[key] = value;
+  }
+});
+
+
+// fix unused
+if (fixMode) {
+  result.unused.forEach(key => delete envMap[key]);
+}
+
+
+const newContent = Object.entries(envMap)
+  .map(([k, v]) => `${k}=${v}`)
+  .join("\n");
+
+fs.writeFileSync(envPath, newContent + "\n");
+
+
+// strict
+if (strictMode) {
+  if (
+    result.missing.length ||
+    result.empty.length ||
+    result.unused.length
+  ) {
+    console.log("✖ strict mode failed\n");
+    process.exit(1);
+  }
+
+  console.log("✔ strict mode passed\n");
+  process.exit(0);
+}
+
+
+console.log("✔ env scan complete\n");

package/package.json

@@ -0,0 +1,21 @@
+{
+  "name": "env-detector",
+  "version": "1.0.0",
+  "description": "Smart .env generator and auditor",
+  "main": "src/scan.js",
+  "bin": {
+    "env-detector": "./bin/env-scan.js",
+    "env-scan": "./bin/env-scan.js"
+  },
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": ["env", "dotenv", "environment", "env-scan", "env-detector"],
+  "author": "Jenil Gajjar",
+  "license": "MIT",
+  "dependencies": {
+    "@babel/parser": "^7.29.2",
+    "@babel/traverse": "^7.29.0",
+    "readline-sync": "^1.4.10"
+  }
+}

package/src/scan.js

@@ -0,0 +1,249 @@
+const fs = require("fs");
+const path = require("path");
+const parser = require("@babel/parser");
+const traverse = require("@babel/traverse").default;
+
+function scanProject(rootDir) {
+  const usedEnvVars = new Set();
+  const defaultValues = new Map();
+  const groupedEnv = {};
+
+  function scanDir(dir) {
+    const files = fs.readdirSync(dir);
+
+    for (const file of files) {
+      if (
+        file === "node_modules" ||
+        file === ".git" ||
+        file === "dist" ||
+        file === "build" ||
+        file.startsWith(".")
+      ) continue;
+
+      const fullPath = path.join(dir, file);
+      const stat = fs.statSync(fullPath);
+
+      if (stat.isDirectory()) {
+        scanDir(fullPath);
+      } else if (/\.(js|ts|jsx|tsx)$/.test(file)) {
+        const content = fs.readFileSync(fullPath, "utf8");
+
+        try {
+          const ast = parser.parse(content, {
+            sourceType: "module",
+            plugins: ["typescript", "jsx"],
+          });
+
+          traverse(ast, {
+
+            // detect grouped config (development/staging/etc)
+            ObjectProperty(path) {
+
+              const envName = path.node.key.name;
+
+              if (!path.node.value || path.node.value.type !== "ObjectExpression")
+                return;
+
+              const vars = new Set();
+
+              path.node.value.properties.forEach(prop => {
+
+                if (!prop.value) return;
+
+                // process.env.KEY
+                if (
+                  prop.value.type === "MemberExpression" &&
+                  prop.value.object?.object?.name === "process" &&
+                  prop.value.object?.property?.name === "env"
+                ) {
+                  const key =
+                    prop.value.property.name ||
+                    prop.value.property.value;
+
+                  vars.add(key);
+                  usedEnvVars.add(key);
+                }
+
+                // process.env.KEY || value
+                if (prop.value.type === "LogicalExpression") {
+
+                  const left = prop.value.left;
+                  const right = prop.value.right;
+
+                  if (
+                    left.type === "MemberExpression" &&
+                    left.object?.object?.name === "process"
+                  ) {
+                    const key =
+                      left.property.name || left.property.value;
+
+                    vars.add(key);
+                    usedEnvVars.add(key);
+
+                    if (
+                      right.type === "StringLiteral" ||
+                      right.type === "NumericLiteral" ||
+                      right.type === "BooleanLiteral"
+                    ) {
+                      defaultValues.set(key, right.value);
+                    }
+                  }
+                }
+
+              });
+
+              if (vars.size) {
+                groupedEnv[envName] = Array.from(vars);
+              }
+            },
+
+            // standalone process.env.KEY
+            MemberExpression(path) {
+              const node = path.node;
+
+              if (
+                node.object &&
+                node.object.type === "MemberExpression" &&
+                node.object.object?.name === "process" &&
+                node.object.property?.name === "env"
+              ) {
+                const key =
+                  node.property.name || node.property.value;
+
+                usedEnvVars.add(key);
+              }
+            },
+
+            // destructuring
+            VariableDeclarator(path) {
+              if (
+                path.node.init &&
+                path.node.init.type === "MemberExpression" &&
+                path.node.init.object.name === "process" &&
+                path.node.init.property.name === "env"
+              ) {
+                if (path.node.id.type === "ObjectPattern") {
+                  path.node.id.properties.forEach(prop => {
+                    if (prop.key?.name) {
+                      usedEnvVars.add(prop.key.name);
+                    }
+                  });
+                }
+              }
+            },
+
+            // fallback detection
+            LogicalExpression(path) {
+              const left = path.node.left;
+              const right = path.node.right;
+
+              if (
+                left.type === "MemberExpression" &&
+                left.object?.object?.name === "process" &&
+                left.object?.property?.name === "env"
+              ) {
+                const key =
+                  left.property.name || left.property.value;
+
+                usedEnvVars.add(key);
+
+                if (
+                  right.type === "StringLiteral" ||
+                  right.type === "NumericLiteral" ||
+                  right.type === "BooleanLiteral"
+                ) {
+                  defaultValues.set(key, right.value);
+                }
+              }
+            },
+
+          });
+
+        } catch (err) {}
+      }
+    }
+  }
+
+  scanDir(rootDir);
+
+  // read existing env
+  const envPath = path.join(rootDir, ".env");
+  const envFileVars = new Set();
+  const emptyVars = new Set();
+
+  if (fs.existsSync(envPath)) {
+    const envContent = fs.readFileSync(envPath, "utf8");
+
+    envContent.split("\n").forEach(line => {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith("#")) return;
+
+      const [key, value] = trimmed.split("=");
+
+      if (key) {
+        envFileVars.add(key.trim());
+
+        if (!value || value.trim() === "") {
+          emptyVars.add(key.trim());
+        }
+      }
+    });
+  }
+
+  const missing = [...usedEnvVars].filter(
+    key => !envFileVars.has(key)
+  );
+
+  const unused = [...envFileVars].filter(
+    key => !usedEnvVars.has(key)
+  );
+
+  return {
+    used: Array.from(usedEnvVars),
+    missing,
+    unused,
+    empty: Array.from(emptyVars),
+    defaults: Object.fromEntries(defaultValues),
+    grouped: groupedEnv
+  };
+}
+
+
+// security scan
+function scanSecurity(rootDir) {
+
+  const issues = [];
+
+  const regex =
+    /(password|secret|token|apikey|key)\s*[:=]\s*['"][^'"]+['"]/gi;
+
+  function scan(dir) {
+    const files = fs.readdirSync(dir);
+
+    for (const file of files) {
+
+      if (file === "node_modules" || file === ".git") continue;
+
+      const full = path.join(dir, file);
+      const stat = fs.statSync(full);
+
+      if (stat.isDirectory()) {
+        scan(full);
+      } else if (/\.(js|ts|env)$/.test(file)) {
+        const content = fs.readFileSync(full, "utf8");
+
+        if (regex.test(content)) {
+          issues.push({ file: full });
+        }
+      }
+    }
+  }
+
+  scan(rootDir);
+  return issues;
+}
+
+module.exports = {
+  scanProject,
+  scanSecurity
+};

package/src/writer.js

@@ -0,0 +1,24 @@
+const fs = require("fs");
+const path = require("path");
+
+function updateEnv(vars) {
+  const envPath = path.join(process.cwd(), ".env");
+
+  let existing = "";
+
+  if (fs.existsSync(envPath)) {
+    existing = fs.readFileSync(envPath, "utf8");
+  }
+
+  let output = existing;
+
+  vars.forEach(key => {
+    if (!existing.includes(key + "=")) {
+      output += `\n${key}=`;
+    }
+  });
+
+  fs.writeFileSync(envPath, output);
+}
+
+module.exports = { updateEnv };